| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef SANDBOX_LINUX_SYSCALL_BROKER_BROKER_HOST_H_ |
| #define SANDBOX_LINUX_SYSCALL_BROKER_BROKER_HOST_H_ |
| |
| #include "base/macros.h" |
| #include "sandbox/linux/syscall_broker/broker_channel.h" |
| #include "sandbox/linux/syscall_broker/broker_command.h" |
| |
| namespace sandbox { |
| |
| namespace syscall_broker { |
| |
| class BrokerPermissionList; |
| |
| // The BrokerHost class should be embedded in a (presumably not sandboxed) |
| // process. It will honor IPC requests from a BrokerClient sent over |
| // |ipc_channel| according to |broker_permission_list|. |
| class BrokerHost { |
| public: |
| BrokerHost(const BrokerPermissionList& broker_permission_list, |
| const BrokerCommandSet& allowed_command_set, |
| BrokerChannel::EndPoint ipc_channel); |
| ~BrokerHost(); |
| |
| // Receive system call requests and handle them forevermore. |
| void LoopAndHandleRequests(); |
| |
| private: |
| const BrokerPermissionList& broker_permission_list_; |
| const BrokerCommandSet allowed_command_set_; |
| const BrokerChannel::EndPoint ipc_channel_; |
| |
| DISALLOW_COPY_AND_ASSIGN(BrokerHost); |
| }; |
| |
| } // namespace syscall_broker |
| |
| } // namespace sandbox |
| |
| #endif // SANDBOX_LINUX_SYSCALL_BROKER_BROKER_HOST_H_ |
